" My introduction today came from a ZDnet article that raises security concerns.

see http://news.zdnet.com/2100-1009_22-5631009.html?tag=nl.e58"

i think you could read some of the comments, though i understandwhy you wuoldn't :-)

Although threaded, zdnets comments need revamping

anyway, the last paragraphs explained why OPENLY PERUSABLE scripts are far more "vettable" than are a jillion everchanging scripts&Java&ActiveX's within a jillion everchanging webpages.

qoute:"A hacker could create a script that does something users want, but also makes a call to the hacker's server, sending your cookies to that machine," Boodman wrote. "He could even scan for password fields and upload those...At this point, I'm only comfortable because the (Greasemonkey) community is relatively small and techie. It would be difficult for a hacker to distribute a malicious script in this environment."

Boodman said he was open to ideas on improving Greasemonkey's security.

For now, he urged caution along the same lines that Opera did.

"All I can say is that just like any other software, you should think a tiny bit before installing a user script," Boodman wrote. "Make sure the author is someone you trust, or at least in a social network you trust."

right. as applies to any software, addon, toolbar, whatever. look before you leap.